Michael Chihlas
39e85c9770
Adds the invitee-side flow for self-serve signup Phase 2 (Task 36):
Backend
- Public GET /accounts/invites/{code}/lookup returns
{account_name, inviter_name, invited_email, role} for a valid invite,
404 invite_invalid_or_expired_or_revoked otherwise (collapses unknown /
expired / revoked / used into one anti-enumeration response). Mounted
in a new account_invite_lookup endpoints module on the public route
list, uses get_admin_db (BYPASSRLS) since the caller has no tenant.
- OAuthCallbackPayload gains optional account_invite_code + invited_email.
_sign_in_or_register honors them: a new OAuth user with a valid invite
joins the invited account (no personal account, no Pro trial), the
invite is marked used, and OAuth-profile-email vs invite-email mismatch
raises invite_email_mismatch (matching the email+password register
contract).
Frontend
- New public route /accept-invite -> AcceptInvitePage. Reads ?code=,
calls inviteApi.lookupAccountInvite, renders "Join {account} on
ResolutionFlow" with the invited email locked (rendered as a div, not
an input), three sign-in options (set password, Google, Microsoft),
and a clear "ask {inviter} to resend" + mailto: fallback for invalid
codes.
- OAuth state for invitees is base64url(JSON({csrf, accountInviteCode,
invitedEmail})). OAuthCallbackPage decodes both shapes, forwards the
invite fields to the backend, and surfaces invite_email_mismatch /
invite_invalid_or_expired_or_revoked errors with friendly text.
Successful invite-OAuth lands on /?welcome=teammate (suppresses the
welcome wizard for invitees per spec).
- UserCreate type + invite/auth API clients extended for the new fields.
Tests
- Backend: invite lookup happy path + four invalid-state collapse, OAuth
callback links invite when supplied + rejects on email mismatch.
- Frontend Vitest: AcceptInvitePage renders account name + locked email
+ accept buttons; resend message + mailto on invalid code.
All 43 backend auth/account/invite/email-verification tests green;
frontend Vitest 120/120 green; tsc -b clean.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
55 lines
2.0 KiB
Python
55 lines
2.0 KiB
Python
"""Public endpoint for resolving an account invite code into display info.
|
|
|
|
Mounted as a public route (no tenant context, no auth) — used by the
|
|
/accept-invite page on the frontend so an invitee can see what account they
|
|
are about to join before they sign up. Uses the BYPASSRLS admin session
|
|
factory because account_invites is account-scoped under Phase 4 RLS but the
|
|
caller has no tenant identity yet.
|
|
"""
|
|
|
|
from typing import Annotated
|
|
|
|
from fastapi import APIRouter, Depends, HTTPException
|
|
from sqlalchemy import select
|
|
from sqlalchemy.ext.asyncio import AsyncSession
|
|
from sqlalchemy.orm import joinedload
|
|
|
|
from app.core.admin_database import get_admin_db
|
|
from app.models.account_invite import AccountInvite
|
|
from app.schemas.oauth import InviteLookupResponse
|
|
|
|
router = APIRouter(prefix="/accounts", tags=["account-invite-lookup"])
|
|
|
|
|
|
@router.get("/invites/{code}/lookup", response_model=InviteLookupResponse)
|
|
async def lookup_invite(
|
|
code: str,
|
|
db: Annotated[AsyncSession, Depends(get_admin_db)],
|
|
) -> InviteLookupResponse:
|
|
"""Return minimal display data for a valid (unused, unexpired, not revoked)
|
|
invite. Returns 404 with `invite_invalid_or_expired_or_revoked` for any
|
|
invalid state — the AcceptInvitePage shows a single "ask the inviter to
|
|
resend" message regardless of which condition failed (anti-enumeration)."""
|
|
result = await db.execute(
|
|
select(AccountInvite)
|
|
.where(AccountInvite.code == code)
|
|
.options(
|
|
joinedload(AccountInvite.account),
|
|
joinedload(AccountInvite.invited_by),
|
|
)
|
|
)
|
|
invite = result.scalar_one_or_none()
|
|
|
|
if invite is None or not invite.is_valid:
|
|
raise HTTPException(
|
|
status_code=404,
|
|
detail={"error": "invite_invalid_or_expired_or_revoked"},
|
|
)
|
|
|
|
return InviteLookupResponse(
|
|
account_name=invite.account.name,
|
|
inviter_name=invite.invited_by.name,
|
|
invited_email=invite.email,
|
|
role=invite.role,
|
|
)
|